Joomla! Discussion Forums



 Post subject: need help with .htaccess
Posted: Tue Nov 10, 2009 5:11 am 
Joomla! Apprentice
Hey all,

Recently there have been hacking attempts to break our server and one of the attacks is using the query string phpbb_root_path

How can I prevent this using htaccess? From google I found this

Code:
RewriteCond %{QUERY_STRING} ^.*(phpbb_root_path=|album_root_path=|module_root_path=|mx_root_path=|upi2db_file_path=|option=).*$


What does that code actually do? Because when I type a URL with the phpbb_root_path query string and press enter, it will show the index.php AND the URL is still there with the phpbb_root_path. Theoretically, the browser URL should show index.php only, right?

thanks for any response


Posted: Tue Nov 10, 2009 2:07 pm 
Joomla! Explorer
Greetings:

First off, I would try to find the article that contained the code as the article may have a complete or otherwise better explanation.

The "|" symbol means "or" so basically the code is checking for **any** of the following conditions being true:

Code:
phpbb_root_path=
album_root_path=
module_root_path=
mx_root_path=
upi2db_file_path=
option=


As part of the {QUERY_STRING}.

Now, whether this offers any protection or of what kind, I don't know... that's where finding the article that contained the suggestion to use the code would be more helpful.

Thank you.

_________________
Peter M. Abraham
http://www.dynamicnet.net/ - Dynamic Net, Inc. - in business since June 1995; a PCI Compliant, managed hosting provider.
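
Added example (not part of the thread or of the linked page): the condition from the first post completed into a working rule. A `RewriteCond` only takes effect through the `RewriteRule` that follows it; the `[F]` action, the `(^|&)` anchoring and the omission of `option=` are choices made for this example.

```apache
# Added example: .htaccess fragment, assuming mod_rewrite is enabled and
# .htaccess overrides are allowed for this directory.
RewriteEngine On

# Condition: the query string contains one of the listed parameter names.
#   (^|&)  the name must start a parameter, not sit in the middle of a value
#   |      alternation ("or"), as explained in the reply above
#   [NC]   case-insensitive match
# "option=" from the original pattern is left out on purpose: Joomla's own
# URLs have the form index.php?option=com_..., so matching it would hit
# ordinary requests to the site.
RewriteCond %{QUERY_STRING} (^|&)(phpbb_root_path|album_root_path|module_root_path|mx_root_path|upi2db_file_path)= [NC]

# Action: without this line the condition above does nothing.
#   ^    matches every request path
#   -    no substitution (the URL is not rewritten)
#   [F]  answer 403 Forbidden and stop processing
RewriteRule ^ - [F]

# Rules run in order, so keep this block above any rule that hands the
# request to index.php.
```

A 403 from this rule refuses the request rather than rewriting the address, so the requested URL stays in the browser's address bar. The pattern is tested against the query string as sent, without URL-decoding, so it filters literal probes like the one logged in jstats and does not replace the mod_security and PHP hardening advice given in the thread.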


Posted: Tue Nov 10, 2009 10:39 pm 
Joomla! Apprentice
Recently in the jstats table, we found several attempts to access our server like this

http://www.mysite.com/index.php?phpbb_r ... s/test.txt

We believed it's a hacking attempt. So we decided to strengthen our htaccess policy to not allow URL injection like that and we found this

http://www.icyphoenix.com/viewtopic.php?t=213

However we feel no difference after we applied the code.


Posted: Wed Nov 11, 2009 12:09 am 
Joomla! Explorer
Greetings:

http://www.icyphoenix.com/viewtopic.php?t=213 appears to be specifically for their CMS based on phpBB; and that's a different animal (so to write) than Joomla.

I would recommend installing mod_security, disabling insecure PHP functions as well as turning off fopen_url.

Thank you.

_________________
Peter M. Abraham
http://www.dynamicnet.net/ - Dynamic Net, Inc. - in business since June 1995; a PCI Compliant, managed hosting provider.


Posted: Wed Nov 11, 2009 12:31 am 
Joomla! Apprentice
Thanks for the suggestions

I understand that they are different, but because our site is attacked in a similar way, we just want to strengthen our htaccess and would like to ask advice on how to do it properly (against similar types of attack, including but not limited to phpbb_root_path) and whether it's necessary.

We don't even have phpbb on our site :)


Posted: Wed Nov 11, 2009 3:58 am 
Joomla! Explorer
Greetings:

I gave my advice when I stated, "I would recommend installing mod_security, disabling insecure PHP functions as well as turning off fopen_url."

Thank you.

_________________
Peter M. Abraham
http://www.dynamicnet.net/ - Dynamic Net, Inc. - in business since June 1995; a PCI Compliant, managed hosting provider.


Posted: Wed Nov 11, 2009 5:42 am 
Joomla! Apprentice
Then I say thank you again as I also agree that your advice is useful and opened my eyes to something I didn't notice before.

I'm just still curious if there's anyone else using htaccess to secure their site. I know there are lots of other useful ways like what dynamicnet suggests. However, is there anything htaccess specific?

PS. I also already read the one that is stickied in this forum.

Thanks again

